WO 2004/047399 PCT/EP2002/012816 

-15- 
CLAIMS 

1. A device (10) for storing personal profiles and for 
controlling the access, from a plurality of remote entities 
(16, 18, 20) within a telecommunication network supporting 

5 a plurality of services, to databases storing said personal 
profiles, characterised in that said device (10) comprises 
a first plurality of databases (44, 46, 48) and interfaces 
(24, 26) for managing and centrally controlling the access, 
from any of said remote entities (16, 18, 20), to said 
10 first plurality of databases (44, 46, 48) and to a second 
plurality of databases (50) , said interfaces (24, 26) 
comprising: 

- a plurality of adapters (26) toward said first (44, 46, 
48) and second (50) plurality of databases, each adapter 

15 being able to manage a corresponding typology of database ; 

- a plurality of application interfaces (28) toward said 
plurality of remote entities (16, 18, 20) able to manage 
different mechanisms for accessing databases; 

- an authentication unit (52) , for identification of said 
20 remote entities; 

- an authorization unit (37) for authorizing said remote 
entities (16, 18, 20) to use said adapters (26), by means 
of the verification of essential requirements and the 
management of a corresponding authorization to use; 

25 - an accounting unit (3 6) for tracking the accesses to said 
first (44, 46, 48) and second (50) plurality of databases. 

2. A device according to claim 1, wherein said 
accounting unit (36) tracks the accesses to said first (44, 
46, 48) and second (50) plurality of databases by means of 

30 the registration, for each access, of information related 
to the identity of the remote entity that made the access, 
to the access times and to the data exchanged during 
access . 
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3. A device according to claim 1, wherein said plurality 
of services comprises Voice over IP or multimedia or 
internet services . 

4. A device according to claim 1, wherein said adapters 
5 (26) allow the access to said first and second plurality of 

databases independently from the particular technology of 
the database . 

5. A device according to claim 1, wherein the access to 
said application interfaces (28) depends on a plurality of 

10 authorizations contained in an XML descriptor, 

6. A device according to claim 1/ wherein said interfaces 
(24, 26) allow the access to said first (44, 46, 48) and 
second (50) plurality of databases by means of trusted 
application interfaces (3 0) , in case the access is 

15 requested by authorized applications, and by means of 
untrusted application interfaces (32) , in case the access 
is requested by unknown applications. 

7. A device according to claim 6, wherein said interfaces 
(24, 26) allow the access to said first (44, 46, 48) and 

20 second (50) plurality of databases in a read mode. 

8. A device according to claim 6, wherein said interfaces 
(24, 26) allow the access to said first (44, 46, 48) and 
second (50) plurality of databases in a write mode for 
entering new information. 

25 9 . A device according to claim 6, wherein said interfaces 
(24, 26) allow the access to said first (44, 46, 48) and 
second (50) plurality of databases in a write mode for 
modifying existing inf ormation. 

10. A device according to claim 6, wherein said interfaces 
30 (24, 26) allow the access to said first (44, 46, 48) and 
second (50) plurality of databases in a search mode. 
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11. A device according to claim 1, wherein said first 
plurality of databases (44, 46, 48) contain information 
characterising a user in terms of user profile. 

12. A device according to claim 11, wherein said user 
5 profile comprises identity, personal data, preferences, 

subscribed services and used terminals. 

13. A device according to claim 1, wherein said first 
plurality of databases (44, 46, 48) contain information 
characterising a service in terms of service profile. 

10 14. A device according to claim 13, wherein said service 
profile comprises information characterising the 
configuration of services for different users. 

15. A device according to claim 1, wherein said first 
plurality of databases (44, 46, 48) contain information 

15 characterising the terminals used in said multimedia and/or 
telecommunication service network. 

16. A device according to claim 15, wherein said 
information characterising the terminals are stored into a 
generic terminal profile database, containing information 

20 relative to static characteristics of terminals, and into a 
network terminal profile database, containing information 
relative to dynamic characteristics of terminals. 

17. A telecommunication network comprising a device for 
storing personal profiles and for controlling the access, 

25 from a plurality of remote entities, to databases storing 
said personal profiles, characterized in that said device 
(10) is realized according to any of claims 1 to 16. 

18. A method of providing the access to databases for 
storing personal profiles, to a plurality of remote 

30 entities (16, 18, 20) within a telecommunication network 
supporting Voice over IP and/or multimedia and/or internet 
services, and for controlling said access, characterised in 
that it comprises the following steps: 
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- receiving an access request from any of said remote 
entities (16, 18, 20) ; 

- authenticating said remote entity by means of the 
identification of the remote entity requesting the access; 

5 - providing a logically centralized access to said 
databases for storing personal profiles by means of a 
plurality of application interfaces (28) suitable for 
managing different mechanisms for accessing databases and 
by means of a plurality of adapters (26) toward said 
10 databases, each adapter being able to manage a 
corresponding typology of database; 

- tracking said access by means of the registration of 
information related to the identity of the remote entity 
that effected the access. 

15 19. A method as claimed in claim 18, wherein said step of 
tracking said access comprises collecting information about 
the access time and the data exchanged during access. 

20. A method as claimed in claim 18, wherein said step of 
authenticating said remote entity comprises authorizing 

20 said remote entity by means of the verification of 
essential requirements and the management of a 
corresponding authorization to use. 

21. A computer program comprising computer program code 
means adapted to perform all the steps of any of claims 17 

25 to 19 when said program is run on a computer. 

22. A computer program as claimed in claim 21 embodied on 
a computer readable medium. 



